Drive and enable proactive identification, analysis, and remediation of security vulnerabilities.
Respond to manage pen testing and bug bounty programs.
Work in partnership with Software Architecture, Risk/Compliance, the SRE team, and other partners, to integrate security capabilities into the SDLC.
Subsplash builds The Ultimate Engagement Platform™ for churches, Christian ministries, non-profits, and businesses around the world. They are a family-owned and operated company of 290+ mission-driven people.
Develop and maintain automated security tools and processes to identify vulnerabilities and conduct security testing.
Design and implement secure cloud infrastructure, network architecture, and deployment processes.
Implement security monitoring tools and processes to proactively identify and respond to security events and anomalies.
Deel is an all-in-one payroll and HR platform for global teams, aiming to unlock global opportunity for every person, team, and business. They are among the largest globally distributed companies with a team of 7,000 spanning more than 100 countries, fostering a connected and dynamic culture.
Embed security into CI/CD pipelines and repos using policy-as-code tools (pre-commit hooks, SAST/SCA, IDE tool integrations)
Conduct threat modeling sessions and risk‑driven design reviews early in development
OnePay is a consumer fintech company trusted by millions of Americans to make money better by providing an all-in-one financial services platform. They are backed by Walmart and Ribbit Capital, allowing them rare scale and distribution to build something truly category-defining.
Take ownership of securing high-availability, low-latency systems.
Implement and automate security controls across cloud and on-prem infrastructure.
Enhance resilience, reduce risk, and enable business operations to run safely and efficiently.
Jobgether is a platform that helps candidates find jobs and companies find candidates. They use AI-powered matching to connect talent with opportunities, ensuring a quick, objective, and fair review process.
Serve as trusted advisor to team’s leadership and partner teams by clearly articulating business risks associated with security issues
Lead security operation functions – including vulnerability management, SAST, DAST, detection engineering, and incident response – in CI/CD and cloud-native production environments
Integrate security into our applications throughout the software development lifecycle
They are scaling intelligence to serve humanity by training and deploying frontier models for developers and enterprises, building AI systems to power magical experiences. Cohere is composed of researchers, engineers, and designers who are passionate about their craft, and believes that a diverse range of perspectives is a requirement for building great products.
Bridge security policy and technical execution by translating organizational security requirements into practical solutions.
Design, build, and deploy security controls across web applications, data pipelines, APIs, and Agentic AI systems.
Implement secure-by-design practices throughout the software development lifecycle, including code-level remediations.
EnableComp offers specialty Revenue Cycle Management solutions for healthcare organizations, leveraging 24+ years of expertise and its unified E360 RCM intelligent automation platform. They are a multi-year recipient of the Top Workplaces award and recognized as Black Book's #1 Specialty Revenue Cycle Management Solution provider in 2024.
Secure AI-specific attack surfaces: prompt injection defenses, PII handling in LLM pipelines, model interaction data leakage
Kiefer Tech leverages over 20 years of engineering heritage from the Green Energy sector to deliver cutting-edge AI, robotics, and enterprise solutions across Greece and the EU. They build sovereign AI infrastructure that keeps data within EU borders, respect privacy, and delivers tangible business impact.
Create, manage, and maintain the application security strategy and roadmap.
Develop, execute, and track the performance of security measures to protect Alma’s data, applications, and systems.
Build and provide high-quality application security documentation and training to engineers.
Alma simplifies access to high-quality, affordable mental health care by making it easy and financially rewarding for therapists to accept insurance. Alma has over 20,000 therapists in their growing network and was named one of Inc’s Best Workplaces in 2022 and 2023.
Lead Application Security testing projects and drive remediation of identified vulnerabilities.
Design and run adversarial testing campaigns across the full Buildkite environment.
Build automation for both AppSec and adversarial testing workflows.
Buildkite's mission is to unblock every developer on the planet with their CI/CD platform. They are a remote-first company since 2013 with a small team, high standards, and real ownership distributed across 60+ cities, built around async communication and genuine autonomy.
Implement and maintain security controls across multi-cloud environments (primarily AWS and Azure, with some GCP and AliCloud) and on-prem infrastructure
Own IAM strategy and implementation: design and enforce identity, access, and permissions models that are secure, scalable, and practical
Design and operate key management and custody security controls such as HSMs, secrets management, and secure key handling for trading operations
Auros is a global digital asset liquidity provider operating 24/7 across centralised and decentralised markets. They run high-availability, low-latency systems where resilience and risk discipline matter and treat security as a core engineering and risk function, with direct engagement from senior leadership.
Xapo Bank is a fully distributed team of over 130 Xapiens that work remotely from 30+ countries around the world. They aim to provide economic freedom and wealth protection, searching the world for the best people and inspiring each other to learn and grow.
Design and implement cloud security guardrails across AWS and GCP
Embed policy enforcement and compliance checks directly into Terraform modules
Conduct architecture reviews and continuously harden multi-cloud environments
Beast Industries is a multifaceted media and entertainment company founded by Jimmy Donaldson, popularly known as MrBeast. We are known for revolutionizing digital content creation, encompassing ventures that extend far beyond YouTube.
Support and execute security incident response activities.
Operate and improve enterprise security controls and tooling.
Coordinate security investigations with DevOps, IT, and Engineering teams.
Keeper Security transforms cybersecurity for organizations around the world with next-generation privileged access management. Keeper’s zero-trust and zero-knowledge cybersecurity solutions are FedRAMP and GovRAMP Authorized, FIPS 140-2 validated, as well as SOC 2 and ISO 27001 certified.
Utilising knowledge of cloud technology to plan, write and improve cloud security labs, challenges and online learning content on the Immersive platform.
Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification
Test Cloud Security labs to ensure they function as expected
Immersive One is the leading cyber resilience solution across the globe, helping organizations future-proof against cyber challenges. Founded in 2017, they've grown to over 300 global employees and have been voted a Best place to work on multiple occasions.
Lead cross-team infrastructure security initiatives from design through delivery, owning technical outcomes and stakeholder communication
Design and implement security solutions for cloud infrastructure, container platforms, and orchestration systems
Partner with SRE, Infrastructure, and Engineering teams to integrate security into platform services and deployment pipelines
GitLab is an open-core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Their mission is to enable everyone to contribute to and co-create the software that powers our world.
Serve as a security point of contact for external customers deploying into regulated cloud environments.
Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800-53.
Implement security and compliance gates in CI/CD pipelines to prevent non-compliant infrastructure or code from reaching production.
Knox runs the largest Federal managed cloud, building and operating secure cloud and AI environments that support the U.S. government’s most critical missions. Their work is high-impact and purpose-driven, expecting speed, rigor, and trust.
Drive security of systems at scale and influence security strategy.
Integrate security into our SDLC with a shift-left approach.
Build a culture where security empowers developers through best practices.
Boulevard provides a client experience platform for appointment-based, self-care businesses, empowering customers to enhance client experiences. They are a team that values diverse backgrounds and believes in equal opportunity, fostering an inclusive culture where employees can excel.
Collaborate with engineering teams to design and build cloud-native applications and infrastructure that are secure by default.
Use CSPM tools (like Wiz) to discover cloud security findings and provide clear, practical guidance to teams on how to remediate those risks.
Create new security alerts and dashboards within our infosec stack and perform threat hunting across log feeds to identify emerging risks.
KnowBe4 is a cybersecurity company that puts security first. Their AI-driven Human Risk Management platform empowers over 70,000 organizations worldwide to strengthen their security culture.
Lead and grow a high-performing security engineering team.
Own cloud security architecture for AWS.
Embed security into the SDLC: threat modeling, secure coding guidance, code scanning, dependency controls, build-time checks, and release gates.
Keyrock is a leading change-maker in the digital asset space, known for partnerships and innovation. They have over 180 team members around the world from 42 nationalities, with backgrounds ranging from DeFi natives to PhDs, with hubs in London, Brussels, Singapore and Paris.
Work alongside DevOps and engineering teams to ensure our platforms, repositories and CI/CD pipelines are secure by default while remaining easy to build, test, and deploy against
Identify security risks through tools, audits, and monitoring, and drive them to resolution — whether that means changing a policy, updating infrastructure, or improving a pipeline
Take ownership of the security posture across multiple AWS accounts and continuously improve it over time
Versaterm is a global public safety solutions company helping agencies transform how they serve their communities. Since 1977, they’ve been building an ecosystem of intuitive tools designed for public safety agencies, forensic labs, court systems, schools and other institutions.